Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am trying to add a new service to nsswitch module named “templateuser” under password database. I am currently using this SO(shared object) to provide identity for users configured under radius and tacacs servers for authentication purpose. The getpwnam_r method has been overridden to retrieve the result “passwd structure” for each unknown user. This is working fine for us.
The main problem arises only on running the linux command “getent <database-name>”, which runs infinitely(never ends). Methods such as endpwent, setpwent and getpwent_r are overridden to retrieve the entries from this service(in this case it is just the remote “templateuser”).
One thing to note is that “getent passwd<database> <username>” works fine. Pls share your thoughts on the implementation of these overridden methods
Not familiar with nss, but wouldn't this always leave template_user NULL.... even though authenticated? It is possible the application is waiting for a valid user.
The _nss_templateuser_endpwent takes void arguments and doesn't return or populate password structures. So assigning a NULL to a local variable[template_user] may not be an issue really (Correct me if i'm wrong!, ref this http://man7.org/linux/man-pages/man3/getpwent.3.html).
The actual password structure population is in _nss_templateuser_getpwent_r, which i copied below.
The _nss_templateuser_getpwent_r is implemented based on http://man7.org/linux/man-pages/man3/getpwent_r.3.html is not invoked when we do a "getent" from shell. For testing we added sample syslogs to verify whether the method is being invoked, but it didn't help.
We are not sure, what are all the methods being invoked by the command getent which loops infinitely for us. Any help/info is much appreciated.
The template_user is statically assigned with remote value in the beginning of the program. Only in _nss_templateuser_endpwent it is assigned back to NULL just to free the unused space. I guess the endpwent will be called at the end of getent execution. Sample code for the static allocation of template_user.
/** Holds a temporary user name. */
static char *template_user = "xyz";
size_t size = 150;
For getuid method we have separate implementation which retrieves the uid of the "xyz" user(which works fine for us). The main problem is the infinite looping of getent linux command.
The template_user is statically assigned with remote value in the beginning of the program. Only in _nss_templateuser_endpwent it is assigned back to NULL just to free the unused space. I guess the endpwent will be called at the end of getent execution. Sample code for the static allocation of template_user.
/** Holds a temporary user name. */
static char *template_user = "xyz";
size_t size = 150;
For getuid method we have separate implementation which retrieves the uid of the "xyz" user(which works fine for us). The main problem is the infinite looping of getent linux command.
Thanks,
Arun
Based on the code supplied... template_user is set to NULL, and the string deallocated (which is an error in the static case you report. And that seems to contradict what you say here.
BTW, a static declaration is not exported to other modules.
If _nss_templateuser_getpwent_r is supposed to get a new entry, then SOMETIME it must not return success...
Yet your code again shows it always returning NSS_STATUS_SUCCESS. Thus anything testing for the end of the list will never terminate.
The command line getent returns a single list of the entries identified. Invoke it again and you get another list. The command works just fine, it terminates normally and cannot do anything else.
Thanks a lot for your valuable suggestions. One of our mistakes was the deallocation of template_user which was previously statically assigned with "remote".
We did enough testing and found out the root cause for the issue too, the mapping for this was also missing under lib folder. Now getent is working fine and thanks for your continuous help provided.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.